Improving Trusted Tickets with State-Bound Keys

Abstract

Traditional network authentication systems like Windows’ Active Directory or MIT’s Kerberos only provide for mutual authentication of communicating entities, e.g. a user’s email client interacting with an IMAP server, while the user’s machine is inherently assumed to be trusted. While there have been first attempts to explicitly establish this trust relationship by leveraging the Trusted Platform Module, these provide no means to directly react to potentially relevant changes in the client’s system state. We expand previous designs by binding keys to the current platform state and involving these in the network authentication process, thereby guaranteeing the continued validity of the attestee.